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Abstract. In this paper, we first briefly survey automated termination proof meth- 
ods for higher-order calculi. We then concentrate on the higher-order recursive 
path ordering, for which we provide an improved definition, the Computability 
Path Ordering. This new definition appears indeed to capture the essence of com- 
putability arguments a la Tait and Girard, therefore explaining the name of the 
improved ordering. 

1 Introduction 

This paper addresses the problem of automating termination proofs for 
typed higher-order calculi. 

The first attempt we know of goes back to Breazu-Tannen and Gal- 
lier [24] and Okada [44]. Following up a pioneering work of Breazu- 
Tannen who considered the confluence of such calculi [23], both groups 
of authors showed independently that proving strong normalization of a 
polymorphic lambda-calculus with first-order constants defined by first- 
order rewrite rules was reducible to the termination proof of the set of 
rewrite rules: beta-reduction need not be considered. Both works used 
Girard's method based on reducibility candidates -also called sometimes 
computability predicates. They then gave rise to a whole new area, by ex- 
tending the type discipline, and by extending the kind of rules that could 
be taken care of. 

The type discipline was extended soon later independently by Bar- 
banera and Dougerthy in order to cover the whole calculus of construc- 
tions [3,28]. 

Higher-order rewrite rules satisfying the general schema, a general- 
ization of Godel's primitive recursion rules for higher types, were then 
introduced by Jouannaud and Okada [34, 35] in the case of a polymor- 
phic type discipline. The latter work was then extended first by Barbanera 
and Fernandez [4, 5] and finally by Barbanera, Fernandez and Geuvers to 
cover the whole calculus of constructions [6]. 



It turned out that recursors for simple inductive types could be taken 
care of by the general schema, but arbitrary strict inductive types could 
not, prompting for an extension of the schema, which was reformulated 
for that purpose by Blanqui, Jouannaud and Okada [16]. This new for- 
mulation was based on the notion of computability closure of a term f(s) 
headed by a higher-order constant /, defined as a set containing the im- 
mediate subterms s of f(s) and closed under computability preserving 
operations in the sense of Tait and Girard. Membership to the general 
schema was then defined for an arbitrary rewrite rule as membership of 
its right-hand side to the computability closure of its left-hand side. 

Besides being elegant, this formulation was indeed much more flex- 
ible and powerful. By allowing for more expressive rules at the object 
level of the calculus of constructions, it could handle many more induc- 
tive types than originally. The general schema was finally extended by 
Blanqui in a series of papers by allowing for recursive rules on types, 
in order to cover the entire calculus of inductive constructions including 
strong elimination rules [13, 14]. 

The definition of the general schema used a precedence on higher- 
order constants, as does Dershowitz recursive path ordering for first- 
order terms [26]. This suggested generalizing this ordering to the higher- 
order case, a work done by Jouannaud and Rubio in the case of a simple 
type discipline under the name of HORPO [37]. Comparing two terms 
with HORPO starts by comparing their types under a given well-founded 
quasi-ordering on types before to proceed recursively on the structure of 
the compared terms, comparing first in the precedence the higher-order 
constants heading both terms. Following the recursive path ordering tra- 
dition, a subterm of the left-hand side could also be compared with the 
whole right-hand side, regardless of the precedence on their heads. 

HORPO was then extended to cover the case of the calculus of con- 
structions by Walukiewicz [51], and to use semantic interpretations of 
terms instead of a precedence on function symbols by Borralleras and 
Rubio [21]. HORPO was also improved by the two original authors in 
two different ways: by comparing in the so-called subterm case an ar- 
bitrary term belonging to the computability closure of the left-hand side 
term with the right-hand side term, therefore generalizing both HORPO 
and the general schema; and by allowing for a restricted polymorphic dis- 
cipline [40] . An axiomatic presentation of the rules underlying HORPO 
can be found in [31]. A more recent work in the same direction is [27]. 
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The ordering and the computability closure definitions turn out to 
share many similar constructs, raising expectations for a simpler and yet 
more expressive definition, instead of a pair of mutually inductive defini- 
tions for the computability closure and the ordering itself, as advocated 
in [17]. These expectations were partly met, on the one hand in [15] with 
a single computability oriented definition, and on the other hand in [18] 
where a new, syntax oriented recursive definition was given for HORPO. 
In contrast with the previous definitions, bound variables were handled 
explicitly by the ordering, allowing for arbitrary abstractions in the right- 
hand sides. 

A third, different line of work was started by van de Pol and Schwicht- 
enberg, who aimed at (semi)-automating termination proofs of higher- 
order rewrite rules based on higher-order pattern matching, a problem 
generally considered as harder as the previous one [47,49,48]. Related 
attempts with more automation appear in [43, 38], but were rather uncon- 
clusive for practical applications. The general schema was then adapted 
by Blanqui to cover the case of higher-order pattern matching [11]. Fi- 
nally, Jouannaud and Rubio showed how to turn any well-founded or- 
dering on higher-order terms including beta and eta, into a well-founded 
ordering for proving termination of such higher-order rules, and intro- 
duced a very simple modification of HORPO as an application of this 
result [36]. 

A fourth line of work was started by Borralleras and Rubio. Among 
other material, Borralleras thesis [20] contained a constraint-based ap- 
proach to the semantic path ordering [41] which was shown to encom- 
pass the dependency pairs method of Arts and Giesl [2, 30] in all its vari- 
ous aspects. Besides the thesis itself, the principles underlying this work 
are also described in [21] and [22]. An interesting aspect is that they lift 
to the higher-order case. Extending the dependency pairs method to the 
higher-order case was also considered independently by Sakai et al [46, 
45] and Blanqui [10]. 

Finally, a last line of work addresses the question of proving termi- 
nation of higher-order programs. This is of course a slightly different 
question, usually addressed by using abstract interpretations. These in- 
terpretations may indeed use the general schema or HORPO as a basic 
ingredient for comparing inputs of a recursive call to those of the call they 
originate from. This line of work includes [32, 25, 8, 52, 1, 7, 12, 29]. An 
important related work, considering pure lambda terms, is [19]. 
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We believe that our quest shall be shown useful for all these lines of 
work, either as a building block, or as a guiding principle. 

In this paper, we first slightly improve the definition of HORPO in 
the very basic case of a simple type discipline, and rename it as the 
Computability Path Ordering. We then address the treatment of induc- 
tive types which remained ad hoc so far, therefore concluding our quest 
thanks to the use of accessibility, a relationship which was shown to gen- 
eralize the notion of inductive type by Blanqui [13, 14]. We finally list 
which are the most important question to be addressed for those who 
would like to start a new quest. 

2 Higher- Order Algebras 

Polymorphic higher-order algebras are introduced in [40]. Their purpose 
is twofold: to define a simple framework in which many-sorted algebra 
and typed lambda-calculus coexist; to allow for polymorphic types for 
both algebraic constants and lambda-calculus expressions. For the sake 
of simplicity, we will restrict ourselves to monomorphic types in this 
presentation, but allow us for polymorphic examples. Carrying out the 
polymorphic case is no more difficult, but surely more painful. 

We give here the minimal set of notions to be reasonably self-contained. 

Given a set S of sort symbols of a fixed arity, denoted by s : * n — > *, 
the set of types is generated by the constructor — > for functional types: 

T s := 8(7$) | (T s -> T s ) 
for s : * n — > * e S 

Function symbols are meant to be algebraic operators equiped with 
a fixed number n of arguments (called the arity) of respective types 
<7i, . . . , a n , and an output type a. Let T = \^ rn ,...,a n ,a^'a 1 x...xa n -^a- The 
membership of a given function symbol / to .F ct1 x...x<t„-kt is called a type 
declaration and written / : o\ x . . . x a n — > a. 

The set T(jF, X) of raw algebraic \-terms is generated from the sig- 
nature T and a denumerable set X of variables according to the grammar: 

T := X I (XX : T S .T) | @(T, T) \ F(T, . . . , T). 

The raw term Xx : a.u is an abstraction and @(u,v) is an application. 
We may omit a in Xx : a.u and write @(u, v 1: . . . , v n ) or u(v\, . . . , v n ), 
n > 0, omitting applications. Var(t) is the set of free variables of t. A 
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raw term t is ground if Var(t) = 0. The notation s shall be ambiguously 
used for a list, a multiset, or a set of raw terms si, . . . , s n . 

Raw terms are identified with finite labeled trees by considering \x : 
a.u, for each variable x and type a, as a unary function symbol taking u 
as argument to construct the raw term Xx : a.u. Positions are strings of 
positive integers. t\ p denotes the subterm of t at position p. We use t > t| p 
for the subterm relationship. The result of replacing t| p at position pint 
by if is written t[u] p . 

Typable raw terms are called terms. The typing judgements are stan- 
dard. We categorize terms into three disjoint classes: 

1. Abstractions headed by A; 

2. Prealgebraic terms headed by a function symbol, assuming (for the 
moment) that the output type of / e T is a base type; 

3. Neutral terms are variables or headed by an application. 

Substitutions, rewrite rules and higher-order reduction orderings are 
as expected, see [40]. 

3 The Computability Path Ordering 

CPO is generated from three basic ingredients: a type ordering; a prece- 
dence on functions symbols; and a status for the function symbols. Ac- 
cessibility is an additionnal ingredient originating in inductive types, 
while the other three were already needed for defining HORPO. We de- 
scribe these ingredients before defining the computability path ordering. 
We define the ordering in two steps, accessibility being used in the sec- 
ond step only. The first ordering is therefore simpler, while the second is 
more expressive. 

3.1 Basic ingredients 

- a precedence >f on symbols in JFU {@}, with / >jr @ for all / e T . 

- a status for symbols in T U {@} with @ e Mul. 

- and a quasi-ordering on types >r s called the type ordering satisfying 
the following properties, where = Ts denotes its associated equiva- 
lence relation >j- s H <r s and >t s its strict part >r s \ <t s '- 

1. Well-foundedness: >^ s = >r s U >^ is well-founded, 
where er — > r cr; 

2. Right arrow subterm: a — > r >r s t; 
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3. Arrow preservation: r — > a =r s ol iff a = r' — > a - ', r' =r s t and 
cr =r s cr'; 

4. Arrow decreasingness: r — > cr >r s a implies cr >r s a or else 
a = r' — > cr', r' =r 5 t and cr >-r s cr'; 

Arrow preservation and decreasingness imply that the type ordering 
does not, in general, have the left arrow subterm property: cr — > r 17 • 
A first axiomatic definition of the type ordering was given in [39], which 
did not need right arrow subterm. A new one, expected to be easier to 
understand, was given in [40] based solely on >r s , which uses another 
axiom, arrow monotonicity, to force the right arrow subterm property. As 
pointed out to us recently, this set of axioms is unfortunately inconsistent 
[50]. However, the restriction of the recursive path ordering proposed 
there for a type ordering does not satisfy arrow monotonicity, but does 
satisfy instead the corrected set of axioms given here. 

We now give two important properties of the type ordering: 

Lemma 1. [40] Assuming cr =? s t, cr is a data type iffr is a data type. 
Lemma 2. If a — > cr > Ts (3 — > r then a >r s r. 

Proof. If a — > a =r s P — > t then, by arrow preservation, a =? s (3 
and cr =r s r. If a — > cr >r s /3 — > r, then, by arrow decreasingness, 
either a =r s 13 and cr > rs r, or else cr > Ts /3 — > r. In the latter case, 
/5 — > t >r s t by right arrow subterm and we conclude by transitivity. □ 

3.2 Notations 

Our ordering notations are as follows: 

- s y x t for the main ordering, with a finite set of variables X C X 
and the convention that X is omitted when empty; 

- s : cr ^ s t : r for s ^ x t and cr > Ts r; 

- I : a y T r : r as initial call for each / — > r G R; 

- s >~ t is a shorthand for s >- m for all «ei; 

- ^ is the reflexive closure of 

We can now introduce the definition of CPO. 
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3.3 Ordering definition 

Definition 1. s : a >~ x t : r iff either: 

1. s — f(s) with f G T and either of 

(a) tex 

(b) t = g(t) with f = T g G T, s >~ x t and s(y Ts ) s tat f t 

(c) t = g(t) with f > T g G Tl) {@} and s>~ x t 

(d) t — Xy : (3.w and s y Xu ^ w{y i— > z} for z : (3 fresh 

(e) u^ Ts t for some u 6s 

2. s = v) and either of 

(a) tex' 

(b) t = @(u', v') and {u, v}(y Ts ) mvl {u' , u'} 

(c) t — Xy : /3.u> and s ^ x u>{y i— > 2} /or 2; : (3 fresh 

(d) u torv y x s t 

(e) u = Xx : a.w and w{x 1— > f } ^ x £ 

3. s = Arc : a.u and either of 

(a) tex 

(b) t — Xy : ct =r s /3 and 1-^2:} y x w{y z} for z : [3 fresh 

(c) t — Xy : /S.-u;, a t^t s /3 «^ s ^ x u>{y 1— > 2} /or z : (3 fresh 

(d) u{x I— > 2} >^ t/or 2 : afresh 

(e) u = @(v, x), x G" Var(t>) and t> ^ x t 

Because function symbols, applications and abstractions do not be- 
have exactly the same, we chosed to organize the definition according 
to the left-hand side head symbol: a function symbol, an application, or 
an abstraction successively. In all three cases, we first take care of the 
case where the right-hand side is a bound variable -case named variable- 
, then headed by a symbol which is the same as (or equivalent to) the 
left-hand side head symbol -case status-, or headed by a symbol which 
is strictly smaller in the precedence than the left-hand side head sym- 
bol -case precedence-, before to go with the -case subterm. The prece- 
dence case breaks into two sub-cases when the left-hand side is a func- 
tion symbol, because abstractions, which can be seen as smaller than 
other symbols, need renaming of their bound variable when pulled out, 
which makes their treatment a little bit different formally from the stan- 
dard precedence case. There are two specific cases for application and 
abstraction: one for beta-reduction, and one for eta-reduction, which are 
both built in the definition. 

This new definition schema appeared first in [18] in a slightly dif- 
ferent format. It incorporates two major innovations with respect to the 
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version of HORPO defined in [40]. The first is that terms can be ordered 
without requiring that their types are ordered accordingly. This will be 
the case whenever we can conclude that some recursive call is terminat- 
ing by using computability arguments rather than an induction on types. 
Doing so, the ordering inherits directly much of the expressivity of the 
computability closure schema used in [40]. The second is the annotation 
of the ordering by the set of variables X that were originally bound in 
the right-hand side term, but have become free when taking some sub- 
term. This allows rules Id, 2c and 3c to pull out abstractions from the 
right-hand side regardless of the left-hand side term, meaning that ab- 
stractions are smallest in the precedence. Among the innovations with 
respect to [18] are rules 3c, which compares abstractions whose bound 
variables have non-equivalent types, and rule 2d, whose formulation is 
now stronger. 

This definition suffers some subtle limitations: 

1. Case Id uses recursively the comparison s y Xu ^ w{y i— > z} for z 
fresh, implying that the occurrences of z in w can be later taken care 
of by Case la, 2a or 3a. This is no limitation. 

Cases 2c and 3c use instead the recursive comparison s y x w{y\-^ z}, 
with z fresh, hence z ^ X. As a consequence, these recursive calls 
cannot succeed if z E Var(w). We could have added this redundant 
condition for sake of clarity. We prefered to privilege uniformity and 
locality of tests. 

As a consequence, Cases Id, 2c and 3c cannot be packed together as 
it was unfortunately done in [18], where correct proofs were however 
given which did of course not correspond to the given definition. 

2. The subterm case le uses recursively the comparison u y Ts t instead 
of the expected comparison u y x t. 

On the other hand, the other subterm definitions, Cases 2d and 3d 
use the expected comparisons u >z* s t or v>z x s tm the first case, and 
u{x i— > z} y x s t in the second. This implies again that the various 
subterm cases cannot be packed together. 

3. Case lb uses recursively the comparison s(y Ts ) statf t instead of the 
stronger comparison s(^£) stat/ i. 

All our restrictions are justified by their use in the well-foundedness 
proof of y T . There is an even better argument: the ordering would not be 
well-founded otherwise, as can be shown by means of counter-examples. 
We give two below. 
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We start with an example of non-termination obtained when replacing 
the recursive call s(y Ts ) s tat f t by s(y x s ) st at f t in Case lb. 

Example 1. Let a be a type, and {/ : a x a — > a, g : (a — > a) — > a} 
be the signature. Let us consider the following non-terminating rule (its 
right-hand side beta-reduces to its left-hand side in one beta- step): 

f(g(>a.f(x,x)),g(Xjc.f(x,x))) -> @(\x.f(x,x),g(\x.f(x,x))) 

Let us assume that f >f g and that / has a multiset status. We now 
show that the ordering modified as suggested above succeeds with the 
goal 

1- f(g(Xx.f(x, x)),g(Xx.f(x, x))) y Ts @(Xx.f(x, x),g(Xx.f(x, x))). 

Since type checks are trivial, we will omit them, although the reader 
will note that there are very few of them indeed. Our goal yields two 
sub-goals by Case lc: 

2. f(g(Xx.f(x, x)),g(Xc.f(x, x))) y Xx.f(x, x) and 

3. f(g(Xx.f(x, x)),g(Xx.f(x, x))) y g(Xx.f(x, x)). 

Sub-goal 2 yields by Case Id 

4. f(g(Xx.f(x ) x)) ) g(Xx.f(x ) x))) f(z,z) which yields by Case lb 

5. f(g(Xx.f(x, x)), g(Xx.f(x, x))) z twice, solved by Case la and 

6. {g(Xx.f(x,x)),g(Xx.f(x,x))}(>z^){z, z} solved by Case laapplied 
twice. 

We are left with sub-goal 3 which yields by Case lc 

7. f(g(\x.f(x : x)) : g(\x.f(x : x)))y\x.f(x : x), which happens to be 
the already solved sub-goal 2, and we are done. 

With the definition we gave, sub-goal 6 becomes: 
{g(Xx.f(x, x)), g(Xx.f(x, x))}(y Ts ) mu i{z, z} and does not succeed since 
the set of previously bound variables has been made empty. 

The reader can check that chosing the precedence g >jr / yields 
exactly the same result in both cases. □ 

Next is an example of non-termination due to Cynthia Kop and Femke 
van Raamsdong [50], obtained when replacing the recursive call s y x w{y i— > 

z} by s y Xu ^ w{y h-> z} in Case 2c. 
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Example 2. Let o be a type, and {/ : o — > o, A : o, B : o — > o — > o} be 
the signature. Let us consider the following non-terminating set of rules: 

@(@(S,A),A)^@(Az:o./(z),A) (1) 

(2) 

since 

A), A) @(A^ : o./(z), A) -y /(A) A), A) 

Let us assume that A>jr f > r B and consider the goals: 

1. A), A) : o y Tg @(Xz : o.f(z), A) : o, and 

2. f(A):oy Ts @(@(B,A),A):o. 

Goal 1 yields two sub-goals by Case 2b: 

3. A : o y Ts A : o, which succeeds trivially, and 

4. @(.B, A) : o — > o ^ Ts : o.f(z) : o — > o which yields by modified 
Case 2c: 

5. ©(5, A) /(V), which yields in turn by Case 2d 

6. A : o >-j£ f(z) : o which yields by Case lc 

7. A : o z : o which succeeds by Case la. 

Note that we have used B for its large type, and A for eliminating 
f(z), exploiting a kind of divide and conquer ability of the ordering. We 
are left with goal 2 which yields two subgoals by Case Id 

8. f(A) y A which succeeds by Case le, and 

9. f (A) y @(B, A), which yields by Case lc: 

10. f(A) y A, which succeeds by Case le, and 

11. f(A) y B, which succeeds by Case lc, therefore ending the compu- 
tation. □ 

More examples justifying our claim that the quest has come to en end 
are given in the full version of this paper. 

We give now an example of use of the computability path ordering 
with the inductive type of Brouwer's ordinals, whose constructor Urn 
takes an infinite sequence of ordinals to build a new, limit ordinal, hence 
admits a functional argument of type N — > O, in which O occurs posi- 
tively. As a consequence, the recursor admits a more complex structure 
than that of natural numbers, with an explicit abstraction in the right-hand 
side of the rule for Um. The strong normalization proof of such recursors 
is known to be hard. 
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Example 3. Brouwer's ordinals. 
0:O S :0^0 Urn : (N -> O) -> O 

rec :Oxax(0^a^«)x ((IN — > 0) — > (IN — > a) — > a) — > a 
The rules defining the recursor on Brouwer's ordinals are: 

rec(0, U, X,W)^U 
rec{S{n), U, X, W) -> n, rec(n, 17, X, W)) 
rec(lim(F), U, X, W) -> @(W, F, An.rec(@(F, n), 17, X, W)) 

Let us try to prove that the third rule is in y Ts . 

1. s = rec(lim(F), U, X, W) y Ts @(W, F, Xn.rec(@(F, n), U, X, W)) 
yields 4 sub-goals according to Case lc: 

2. a >r s ol which is trivially satisfied, and 

3. s y{W, F, Xn.rec(@(F, n), U, X, W)} which simplifies to: 

4. syW which succeeds by Case le, 

5. sy F, which generates by Case le the comparison lim(F) y Ts F 
which fails since lim(F) has a type which is strictly smaller than the 
type of F. 

6. s >- Xn.rec(@(F, n), U, X, W) which yields by Case Id 

7. s rec(@(F, n), U, X, W) which yields by Case lb 

8. {lim(F), U, X, W}(y Ts ) mul {@(F, n), U, X, W}, which reduces to 

9. lim(F) y Ts @(F,n), whose type comparison succeeds, yielding by 
Case lc 

10. lim(F) y F which succeeds by Case le, and 

11. lim(F) y n which fails because track of n has been lost! 

Solving this example requires therefore: first, to access directly the 
subterm F of s in order to avoid the type comparison for lim(F) and F 
when checking recursively whether the comparison s y Xn.rec(@(F, n), 
U, X, W) holds; and second, to keep track of n when comparing lim(F) 
and n. 

3.4 Accessibility 

While keeping the same type structure, we make use here of a fourth 
ingredient, the accessibility relationship for data types introduced in [1 1]. 
This will allow us to solve Brouwer's example, as well as other examples 
of non-simple inductive types. 

We say that a data type is simple is it is a type constant. We restrict 
here our definition of accessibility to simple data types. To this end, we 
assume that all type constructors are constants, that is, have arity zero. 
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We can actually do a little bit more, assuming that simple data types are 
not greater or equal (in >r s ) to non-constant data types, allowing the 
simple data types to live in a separate world. 

The sets of positive and negative positions in a type a are inductively 
defined as follows: 

- Pos + (a) = {e} if a is a simple data type 

- Pos~(a) = if a is a simple data type 

- Pos s (a -> r) = 1 • Pos~ s (a) U 2 • Pos 5 (r) 

where 5 G {+, — }, — h = — and = + (usual rules of signs) 

Then we say that a simple data type a occurs (only) positively in a type 
t if it occurs only at positive positions: Pos(a,r) C Pos + (t), where 
Pos(a, t) is the set of positions of the occurrences of a in r. 

The set Acc(f) of accessible argument positions of a function symbol 
/ : oi . . . <r n — > <7, where er is a simple data type, is the set of integers 
% G {1, . . . , n} such that: 

- no simple data type greater than er occurs in <jj, 

- simple data types equivalent to a occurs only positively in a { . 

Then a term u is accessible in a term i>, written i> > acc u, iff f is a pre- 
algebraic term f(s) and there exists % G Acc(/) such that either u = Sj 
or m is accessible in Sj (C% cc is transitive). 

A term w is accessible in a sequence of terms v iff it is accessible in 
some v G v, in which case we write sC^cc^- Note that the terms accessible 
in a term t> are strict subterms of v. 

We can now obtain a more elaborated ordering as follows: 

Definition 2. s : a >~ x t : r iff either : 

1. s — f(s) with f G T and either of 

(a) t ex 

(b) t = g(t) with f = T g^T, sy x t and U y^) sta t f t 

(c) t = g{t) with f >jr g E {@} and s)~ x t 

(d) t — )y : p.w and s y Xu ^ w{y i— > -zj/or z : (3 fresh 

(e) u y Ts tfor some u 6s 

(/) M — r s ^/ or u suc h that s > acc u 

2. s — @(u,v) and either of 

(a) teX 

(b) t = @(u>') and{u,v}{y Ts ) mul {u',v'} 
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(c) t — Xy : (5.w and s y x w{y h- > z) for z : (3 fresh 

(d) u >zt s torv * 

(e) u = Xx : a.iu and w{x i— > f } ^ x t 
3. s = Aa; : a.u and either of 

(a) teX 

(b) t — Xy : a =r s /3 and-u{:r i-^z} ^ x w{yi—>z} for z:/3 fresh 

(c) t — Xy : a t^t s /3 ««<i s ^ x u>{y i— > 2} /or z : (3 fresh 

(d) u{x 1— > 2} t/or z : afresh 

(e) u = @(v, x), x £ Var(v) and v y x t 

where u : a y X cc t '■ T iff a —T s i~, t — @(v, w), u > acc v and s y x w. 

The only differences with the previous definition are in Case lb of 
the main definition which uses an additional ordering based on the 
accessibility relationship t^ cc to compare subterms headed by equivalent 
function symbols, and in Case If which uses the same relationship t> acc 
to reach deep subterms that could not be reached otherwise. Following 
up a previous discussion, notice that we have kept the same formulation 
in Cases 2c and 3c, rather than use the easier condition y ^ Var(w). 

We could of course strengthen by giving additional cases, for 
handling abstractions and function symbols on the right [11,15]. We 
could also think of improving Case le by replacing s> acc u by the stronger 
condition s u. We have not tried these improvements yet. 

We now revisit Brouwer's example, whose strong normalization proof 
is checked automatically by this new version of the ordering: 

Example 4. Brouwer's ordinals. 

We skip goals 2,3,4 which do not differ from the previous attempt. 

1. s = rec(lim(F),U,X,W)y Ts @(W,F,Xn.rec(@(F,n),U,X,W)) 
yields 4 sub-goals according to Case lc: 

5. sy F, which succeeds now by Case If, 

6. s >- Xn.rec(@(F, n), U, X, W) which yields by Case Id 

7. s y {n} rec(@(F, n),U, X, W) which yields goals 8 and 12 by Case lb 

8. {lim(F), U, X, W}(y Ts U y{^ s ) mul {@(F, n), U, X, W}, which re- 
duces to 

9. lim(F) y[cj' s @(F, n) which succeeds since O =r s O, F is accessi- 
ble in lim(F) and s n by case Case la. Our remaining goal 

10. syW{@(F,n),U,X,W} 

decomposes into three goals trivially solved by Case le, that is 

11. sy {n} {U,X,W},and one additional goal 
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12. s @(F, n) which yields two goals by Case lc 

13. s F, which succeeds by Case If, and 

14. s n which succeeds by Case la, thus ending the computation. 
4 Conclusion 

An implementation of CPO with examples is available from the web page 
of the third author. 

There is still a couple of possible improvements that deserve to be 
explored thoroughly: change -if possible at all- the recursive calls of 
Cases le, 2c and 3c of the definition of CPO as discussed in Section 3; 
ordering T U {@} arbitrarily -this would be useful for some examples, 
e.g., some versions of Jay's pattern calculus [33]; increasing the set of 
accessible terms; and improve the definition of the accessibility ordering 
>-* cc , possibly by making it recursive. 

A more challenging problem to be investigated then is the generaliza- 
tion of this new definition to the calculus of constructions along the lines 
of [51] and the suggestions made in [40], where an RPO-like ordering on 
types was proposed which allowed to give a single definition for terms 
and types. Starting this work with definition 1 is of course desirable. 

Finally, it appears that the recursive path ordering and the computabil- 
ity closure are kind of dual of each other: the definitions are quite similar, 
the closure constructing a set of terms while the ordering deconstructs 
terms to be compared, the basic case being the same: bound variables 
and various kinds of subterms. Besides, the properties to be satisfied by 
the type ordering, which were infered from the proof of the computability 
predicates, almost characterize a recursive path ordering on the first-order 
type structure. An intriguing, challenging question is therefore to under- 
stand the precise relationship between computability predicates and path 
ordering s. 

Acknowledgements: the second author wishes to point out the cru- 
cial participation of Mitsuhiro Okada to the very beginning of this quest, 
and to thank Makoto Tatsuta for inviting him in december 2007 at the 
National Institute for Informatics in Tokyo, whose support provided him 
with the ressources, peace and impetus to conclude this quest with his 
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